1
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-16 21:56:40 -05:00

caddyhttp: Fix test when /tmp/etc already exists (#4544)

The TestFileListing test in tplcontext_test has one test that verifies
if directory traversal is not happening. The context root is set to
'/tmp' and then it tries to open '../../../../../etc', which gets
normalized to '/tmp/etc'.

The test then expects an error to be returned, assuming that '/tmp/etc'
does not exist on the system. When it does exist, it results in a test
failure:

```
--- FAIL: TestFileListing (0.00s)
    tplcontext_test.go:422: Test 4: Expected error but had none
    FAIL
    FAIL
    github.com/caddyserver/caddy/v2/modules/caddyhttp/templates	0.042s
```

Instead of using '/tmp' as root, use a dedicated directory created with
`os.MkdirTemp()` instead. That way, we know that the directory is empty.
This commit is contained in:
Kevin Daudt 2022-01-24 22:41:08 +01:00 committed by GitHub
parent bf380d00ab
commit 44e5e9e43f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -608,6 +608,9 @@ title = "Welcome"
func getContextOrFail(t *testing.T) TemplateContext {
tplContext, err := initTestContext()
t.Cleanup(func() {
os.RemoveAll(string(tplContext.Root.(http.Dir)))
})
if err != nil {
t.Fatalf("failed to prepare test context: %v", err)
}
@ -620,8 +623,12 @@ func initTestContext() (TemplateContext, error) {
if err != nil {
return TemplateContext{}, err
}
tmpDir, err := os.MkdirTemp(os.TempDir(), "caddy")
if err != nil {
return TemplateContext{}, err
}
return TemplateContext{
Root: http.Dir(os.TempDir()),
Root: http.Dir(tmpDir),
Req: request,
RespHeader: WrappedHeader{make(http.Header)},
}, nil